Measuring snapshot delay between source database system and its asynchronous replica

ABSTRACT

A computer implemented method is provided for determining a delay between a first database and an associated replicated database by replicating transactions of the first database in the replicated database, determining a delay between the two databases based on a commit timestamp from the first database and a timestamp associated with the commit transaction becoming visible in the replicated database. Then, after a predefined period of time has elapsed since replicating the commit transaction, determining a second delay based on a timestamp associated with a heartbeat log and a replicated database system time. And, selectively determining to execute or deny a statement received by the replicated database based on the second delay. Related apparatus, systems, techniques and articles are also described.

TECHNICAL FIELD

The subject matter described herein relates to database systems and moreparticularly to database systems employing a primary database and asecondary, hot-standby, database.

BACKGROUND

A database system includes a database and a database management system(DBMS). A database is an organized collection of data. A DBMS comprisescomputer software that executes on one or more processors and interactswith users, other applications, and a database to capture and analyzedata. A DBMS may allow for the definition, creation, querying, update,and administration of databases.

Database systems rely on data replication and synchronization tomaintain continuous system availability. Typically, in such a system, acomplete copy of the database is stored at a first datacenter and thesame complete copy of the database is stored at a second datacenter. Thefirst and second datacenters may be in different locations or they maybe in the same location. Since the data in the second datacenter needsto be the same as the data in the first datacenter, a synchronizationmechanism is typically employed to handle synchronization of the data.If there is a failure associated with the first datacenter, the systemcan switch to using the database at the second datacenter withoutsignificant issues.

Since the second datacenter may be asked to perform all of the sametasks as the first datacenter, typically, the second datacenter has thesame hardware and software requirements as the first datacenter.Sometimes more than two datacenters may be included within a database.

SUMMARY

A method for implementation by one or more computer processors formingpart of at least one computing device is provided. The method comprisesreplicating transactions of a first database system in a second databasesystem including a commit transaction associated with a statementreceived by the first database system, determining a delay between thefirst database system and the second database system based on a firsttimestamp associated with the commit transaction and a second timestampassociated with the commit transaction becoming visible in the secondarydatabase, determining that a predefined period of time has elapsed sincereplicating the commit transaction, receiving a heartbeat log generatedby the first database system when a period of time elapses without thefirst database system performing a second commit database operation,determining a second delay based on a second database system time and athird timestamp associated with the heartbeat log, and selectivelydetermining to execute or deny a statement received by the secondarydatabase system based on the second delay.

These aspects and other embodiments may include one or more of thefollowing features. Generating a return associated with the statement,the return including all records of the second database system relevantto the statement and having a commit timestamp less than or equal to acommit timestamp associated with the commit transaction. The method mayfurther comprise receiving a second client statement requesting a secondread operation and determining to deny the second client statement basedon a third delay based on a third database system time and the heartbeatlog. The second client statement may further be routed to the firstdatabase system. The determination to deny the second statement may beresponsive to routing data associated with the second statement, therouting data indicating that the second client statement can be executedin either the first database system or the second database system. Themethod may further comprise receiving a second client statementincluding both routing data and a request for a read operation, therouting data describing a maximum delay allowable for the statement tobe executed in the secondary database system, and determining that thesecond client statement may be executed in the second database, androuting the statement to a client application with informationindicating that the statement may be routed to the second databasesystem for execution. The method may further include receiving a returnincluding the second delay, and discarding the return based on thesecond delay. The method may also include, requesting a delay from thesecond database system, and sending a third statement to either thefirst or second database system based on the delay.

In some aspects, a method is provided that includes executing statementscontaining requests for database operations in a primary databasesystem, and generating transaction logs containing information forreplicating the statements or database operations, generating a committransaction log associated with a commit database operation, determiningthat a defined period of time has elapsed since the commit transactionlog has been generated, generating a heartbeat log, and sending thetransaction logs including the heartbeat transaction log to a secondarydatabase system that mirrors the primary database system, and generatinga snapshot delay value based on a timestamp associated with either thecommit database operation or the heartbeat transaction log. Theseaspects and other embodiments may include one or more of the followingfeatures. Replicating the statements or database operations of thegenerated transaction log files in a second database system includingthe commit transaction log and the heartbeat transaction log, whereinreplicating the commit transaction log and the heartbeat transaction logcauses updating the snapshot delay value to reflect a new delay based onthe replicated commit transaction log or heartbeat transaction log.

The method may further include polling, in response to a statementrequesting read operations in the second database the snapshot delayvalue, and selectively determining that the requested read databaseoperations are executed in either the first database system or thesecond database system based on the polled snapshot delay value, causingthe second database system to update the replicated data image whenreplicating the statements or database operations of the generatedtransaction log files in the second database system, and updating thesnapshot delay based on a timestamp associated with the update. Themethod may further comprise requesting the snapshot delay of the seconddatabase system, and selectively determining to route a client readstatement containing a request for a read database operation to thesecond database system based on the snapshot delay, and routing the readstatement to the second database for execution or routing the readstatement to a client application including instructions that the readstatement is to be routed to the second database. The method may furthercomprise routing the read statement to the second database; generating anew snapshot delay; and denying execution of the read statement in thesecond database based on the new snapshot delay; and routing the readstatement back to the client application with information indicativethat the read statement was not executed due to the new snapshot delay.

In some aspects, a method is provided that includes replicating a firstdatabase in a second database while the first database is subject toongoing database operations responsive to client application statements;generating a snapshot delay value indicative of a delay in time betweena database operation becoming visible to the client applicationstatements in the first database and a replicated database operationbecoming visible in the second database, the replicated databaseoperation associated with the database operation, wherein generating asnapshot delay comprises: generating the snapshot delay by calculating adifference between a first timestamp associated with the replicateddatabase transaction becoming visible in the second database and asecond timestamp associated with the database operation becoming visiblein the primary database; or generating the snapshot delay by calculatingthe difference between a current system time of the secondary databaseand the second timestamp.

Non-transitory computer program products (i.e., physically embodiedcomputer program products) are also described that store instructions,which when executed by one or more data processors of one or morecomputing systems, cause at least one data processor to performoperations herein. Similarly, computer systems are also described thatmay include one or more data processors and memory coupled to the one ormore data processors. The memory may temporarily or permanently storeinstructions that cause at least one processor to perform one or more ofthe operations described herein. In addition, methods can be implementedby one or more data processors either within a single computing systemor distributed among two or more computing systems. Such computingsystems can be connected and can exchange data and/or commands or otherinstructions or the like via one or more connections, including but notlimited to a connection over a network (e.g., the Internet, a wirelesswide area network, a local area network, a wide area network, a wirednetwork, or the like), via a direct connection between one or more ofthe multiple computing systems, etc.

The subject matter described herein provides many technical advantages.As an example, the subject matter described herein may provide increasedaverage throughput for a database system during high workloads byenabling effective load balancing techniques for balancing the workloadof a primary system with a backup database system. Protecting the amountof system resources available to replaying transaction logs at thesecondary database or a backup database system may be maintained in anear current state with respect to a primary system that is undercontinuous use by one or more applications or users. Guaranteeing aminimum amount of system memory ensures that the log reply speed at thebackup system can sustain the pace of log generation speed of a primarysystem under write-intensive workloads. By enabling near current andconsistent transactional visibility of transactions that are replicatedfrom a primary database the secondary database is able to assume aportion of the workload of a primary database system while alsoproviding meaning returns in support of that workload. Withoutprotecting system resources allocation to the replication processes,memory allocation to an intensive workload will may degrade thereplication processes thereby causing a substantial delay between anupdate in the primary system and when that update is replicated in thesecondary, or backup, system, and may make the secondary, or backup,database system ineffective in providing support to load balancingoperations. The subject matter described herein allows a computer systemto maintain consistent and useful, near-current, data visibility by asecondary database while data is updated and table structures aremodified while concurrently replicating the of data the primary databasesystem in the secondary database system.

The details of one or more variations of the subject matter describedherein are set forth in the accompanying drawings and the descriptionbelow. Other features and advantages of the subject matter describedherein will be apparent from the description and drawings, and from theclaims.

DESCRIPTION OF DRAWINGS

FIG. 1 is a system diagram illustrating an example database system foruse in connection with the current subject matter;

FIG. 2 is a system diagram illustrating an example database system thatcan support distribution of server components across multiple hosts forscalability and/or availability purposes for use in connection with thecurrent subject matter;

FIG. 3 is a diagram illustrating an architecture for an index server foruse in connection with the current subject matter;

FIG. 4 is a functional flow diagram illustrating an architecture tosupport load balancing between a primary database system and a secondarydatabase system;

FIG. 5 is a functional flow diagram depicting one example solution tomanaging load balancing in a HA/DR system for use in connection with thecurrent subject matter;

FIGS. 6a and 6b are diagrams illustrating two exemplary potentialsources of delay between a source database and an associatedasynchronous replica;

FIG. 7 is a process flow diagram illustrating generating a snapshotdelay based on a heartbeat;

FIG. 8 is a process flow diagram illustrating generating a heartbeat logafter a predefined heartbeat period elapses; and

FIG. 9 is a process flow diagram illustrating generating a snapshotdelay based on whether a predefined period of time has elapsed.

Like reference symbols in the various drawings indicate like elements.

DETAILED DESCRIPTION

The current subject matter is directed to enhanced techniques formanaging a workload load balancing scheme when mirroring a primarydatabase system in a backup database system, for example when such loadbalancing is executed concurrently with replay of database operationsusing, for example, a redo log.

A database or database system may be represented as a table or a set oftables, the tables containing data in rows and/or columns. In a rowbased database, data in a table may be stored and organized by rows.Alternatively, data in a table may also be stored and organized bycolumns and such a database is called a column oriented database or acolumnar database. Column oriented databases typically make moreefficient use of storage by replacing redundant data with a pointer. Oneexample of a database system is SAP HANA®. SAP HANA® is a columnoriented relational database system. SAP HANA® is also an in-memorydatabase (IMDB) in which the data associated with the database is storedin main memory instead of disk storage so it may be accessed morequickly. IMDB systems are generally column oriented databases sincecolumn oriented databases make more efficient use of the expensive mainmemory.

Some databases may utilize replication to improve reliability andavailability of the database. If data replication is implemented, thedatabase system may include a first datacenter and a second datacenter.The first datacenter may include a processor and memory sufficient tostore the data associated with the database. The first datacenter maystore a first (primary) copy of the data associated with the database.The second datacenter may also include a processor and memory sufficientto store the data associated with the database. The second datacentermay store a second (e.g., backup or redundant or replica) copy of thedata associated with the database. In some implementations, the databasemay include more than two datacenters (e.g., three or four datacenters).In some implementations, either one or both of the databases is adistributed system or a single server system.

To better utilize the second (and subsequent) datacenter(s), somedatabase systems, such as SAP HANA®, may simultaneously utilize thefirst datacenter and the second datacenter. In this mode of operation,the first datacenter may be configured to delegate, or route, queries tothe second datacenter to balance the workload between the two systems.Such a situation may be referred to as Active/Active (AA) operationsince the first datacenter and the second datacenter both activelyrespond to queries, or statements, at the same time by executingdatabase operations responsive to the queries, or statements, in orderto provide a response, or return. In some implementations only certaintypes of queries, or statements, may be responded to, or alternativelyexecuted, by the first datacenter or the second datacenter.

In some implementations such balancing may only occur when conditions ofthe first datacenter and the second datacenter are satisfied. The seconddata center may replicate the first database of the first databasecenter in a second database of the second data center, and loadbalancing may only occur when a time delay between the two data centersis sufficiently small, or when a delay in the replication processes atthe second datacenter is sufficiently small. In some implementations,the replication processes may take priority over the ability of one ormore datacenters to support the load balancing operations.

When two or more datacenters or two or more database systems are engagedin load balancing operations, a client application, reliant on adatabase maintained by the first database system and replicated in thesecond database system, may restrict execution of queries to either thefirst database system or the second database system. In such a system,the client application may modify a query, or package a query, withadditional routing information identifying which database may executethe query and under what conditions.

In some embodiments the client may dispatch or issue or transmit itsqueries directly to the database system it wants to obtain a response orreturn from. In other embodiments one or more processes at the clientapplication, the first database system, or the second database systeminform the client application which system will execute the statement orquery. In other embodiments, the client application always issues itsstatements or queries to the first database system. The first databasesystem includes various processes, in a standalone server or in a serverproviding other database services, that support the load balancingoperations by maintaining state data, or having access to such statedata, and making determinations as to whether the statement will beexecuted in the first database system or the second database system. Ifthe load balancing processes determine that a statement may be executedby the second database system, a statement is routed back to the clientapplication with an indication that a statement is to be executed in thedatabase of second database system, that may be a backup or replica ofthe database of the first database system. Then the client applicationissues the query to the second database system for execution, and suchexecution can be contingent upon certain conditions, such as for examplea delay between when a transaction is visible in the primary databasesystem and when the same transaction is replicated and subsequentlyvisible in the secondary database which may be an asynchronouslyreplicated near mirror image of the primary database system, or sourcedatabase.

The subject matter described herein discloses apparatus, systems,techniques and articles that may provide increased average throughputcapabilities for a database system during high workloads to reduce thelikelihood that a request to the database system for data may be queued,buffered or rejected until sufficient system resources are available tocomplete the request. In some examples, apparatus, systems, techniquesand articles disclosed herein utilize secondary, backup, or replicated,database systems to execute queries to reduce the workload of a primarydatabase system, while ensuring that the database systems returnaccurate and relevant results. When a query may be routed from a primarydatabase to a secondary database, if the second database system's statefalls behind the current state of the primary database system by asignificant amount, a return provided by the secondary database may beinaccurate or irrelevant by returning outdated data. A secondarydatabase system's state may fall behind a primary system's state, forexample, when the replication processes is unable to maintain pace withongoing primary system updates.

When a secondary, or backup, database system serves the purpose of HA/DRfunctionality, an apparatus, system, technique or article that utilizesa secondary, backup database system to increase throughput of a workloadon a primary database system must not interfere with the HA/DRfunctionality of the backup system. The use of the backup databasesystem to increase throughput must also maintain the backup database insubstantially the same state as the primary database. In the event ofprimary database system failure, the backup database can assume the roleof the primary database in as little time as possible. Therefore,transactions replicated, or mirrored, to the secondary database must beas close to current as possible.

In a system that mirrors a primary database in a secondary database bytransaction log reply, generation of and subsequent replay oftransaction logs may not be able to keep pace with real time datatransactions in a database system. Under heavy write-intensiveworkloads, replay of transactions executed in the primary by replay oftransaction logs may be optimized by one or more techniques to minimizeany delay, for example, transaction replication may be performed byvarious threads asynchronously operating on distinct dedicated logicalcores of a multi-core processor. Because the replication processesexecute asynchronously, there is no guarantee that updates to theprimary database will be replicated in the same order as they areexecuted in the primary database system. In order to provide meaningfuland useful workload support, a secondary system must be able to providetemporally consistent view into the data of the replicated database. Onepossible way of providing transactionally consistent view is bymaintaining a global commit timestamp in the replicated database, whichestablishes the visibility of all transactions, by making visible alltransactions committed in the replicated database before the globalcommit timestamp and making invisible all transactions not yet committedas of the global commit timestamp. The global commit timestamp may beassociated with the most recently committed transaction in thereplicated database system. As long as the secondary database presentsconsistent views into the data, it is acceptable that the replicationmay be slightly delayed. Determining what is an acceptable delay is leftto a particular application designer.

Therefore, it is desirable to measure the replication delay between aprimary system and its secondary, replicated, or backup, database systemand make that delay available for decision making at the database systemor application level. Also, in order enable functional and useful loadbalancing, statements routed to the backup database system thatencounter a substantial delay between the data visibility, or thesnapshot, of the secondary database system and its primary databasesystem, should be routed back to the client application or to theprimary database system with an indication that the statement was notexecuted due to the snapshot delay.

FIG. 1 is a diagram 100 illustrating a database system 105 that can beused to implement aspects of the current subject matter. The databasesystem 105 can, for example, include an in-memory database in which allrelevant data is kept in main memory so that read operations can beexecuted without disk I/O and in which disk storage is required to makeany changes durables. The database system 105 can include a plurality ofservers including, for example, one or more of an index server 110, aname server 115, and/or an application server 120. The database system105 can also include one or more of an extended store server 125, adatabase deployment infrastructure (DDI) server 130, a data provisioningserver 135, and/or a streaming cluster 140. The database system 105 canbe accessed by a plurality of remote clients 145, 150 via differentprotocols such as SQL/MDX (by way of the index server 110) and/orweb-based protocols such as HTTP (by way of the application server 120).

The index server 110 can contain in-memory data stores and engines forprocessing data. The index server 110 can also be accessed by remotetools (via, for example, SQL queries), that can provide variousdevelopment environment and administration tools. Additional detailsregarding an example implementation of the index server 110 is describedand illustrated in connection with diagram 300 of FIG. 3.

The name server 115 can own information about the topology of thedatabase system 105. In a distributed database system, the name server115 can know where various components are running and which data islocated on which server. In a database system 105 with multiple databasecontainers, the name server 115 can have information about existingdatabase containers and it can also hosts the system database. Forexample, the name server 115 can manage the information about existingtenant databases. Unlike a name server 115 in a single-container system,the name server 115 in a database system 105 having multiple databasecontainers does not store topology information such as the location oftables in a distributed database. In a multi-container database system105 such database-level topology information can be stored as part ofthe catalogs of the tenant databases.

The application server 120 can enable native web applications used byone or more remote clients 150 accessing the database system 105 via aweb protocol such as HTTP. The application server 120 can allowdevelopers to write and run various database applications without theneed to run an additional application server. The application server 120can also used to run web-based tools 155 for administration, life-cyclemanagement and development. Other administration and development tools160 can directly access the index server 110 for, example, via SQL andother protocols.

The extended store server 125 can be part of a dynamic tiering optionthat can include a high-performance disk-based column store for very bigdata up to the petabyte range and beyond. Less frequently accessed data(for which is it non-optimal to maintain in main memory of the indexserver 110) can be put into the extended store server 125. The dynamictiering of the extended store server 125 allows for hosting of verylarge databases with a reduced cost of ownership as compared toconventional arrangements.

The DDI server 130 can be a separate server process that is part of adatabase deployment infrastructure (DDI). The DDI can be a layer of thedatabase system 105 that simplifies the deployment of database objectsusing declarative design time artifacts. DDI can ensure a consistentdeployment, for example by guaranteeing that multiple objects aredeployed in the right sequence based on dependencies, and byimplementing a transactional all-or-nothing deployment.

The data provisioning server 135 can provide enterprise informationmanagement and enable capabilities such as data provisioning in realtime and batch mode, real-time data transformations, data qualityfunctions, adapters for various types of remote sources, and an adapterSDK for developing additional adapters.

The streaming cluster 140 allows for various types of data streams(i.e., data feeds, etc.) to be utilized by the database system 105. Thestreaming cluster 140 allows for both consumption of data streams andfor complex event processing.

FIG. 2 is a diagram 200 illustrating a variation of the database system105 that can support distribution of server components across multiplehosts for scalability and/or availability purposes. This database system105 can, for example, be identified by a single system ID (SID) and itis perceived as one unit from the perspective of an administrator, whocan install, update, start up, shut down, or backup the system as awhole. The different components of the database system 105 can share thesame metadata, and requests from client applications 230 can betransparently dispatched to different servers 110 ₁₋₃, 120 ₁₋₃, in thesystem, if required.

As is illustrated in FIG. 2, the distributed database system 105 can beinstalled on more than one host 210 ₁₋₃. Each host 210 ₁₋₃ is a machinethat can comprise at least one data processor (e.g., a CPU, etc.),memory, storage, a network interface, and an operation system and whichexecutes part of the database system 105. Each host 210 ₁₋₃ can executea database instance 220 ₁₋₃ which comprises the set of components of thedistributed database system 105 that are installed on one host 210 ₁₋₃.FIG. 2 shows a distributed system with three hosts, which each run aname server 110 ₁₋₃, index server 120 ₁₋₃, and so on (other componentsare omitted to simplify the illustration).

FIG. 3 is a diagram 300 illustrating an architecture for the indexserver 110 (which can, as indicated above, be one of many instances). Aconnection and session management component 302 can create and managesessions and connections for the client applications 150. For eachsession, a set of parameters can be maintained such as, for example,auto commit settings or the current transaction isolation level.

Requests from the client applications 150 can be processed and executedby way of a request processing and execution control component 310. Thedatabase system 105 offers rich programming capabilities for runningapplication-specific calculations inside the database system. Inaddition to SQL, MDX, and WIPE, the database system 105 can providedifferent programming languages for different use cases. SQLScript canbe used to write database procedures and user defined functions that canbe used in SQL statements. The L language is an imperative language,which can be used to implement operator logic that can be called bySQLScript procedures and for writing user-defined functions.

Once a session is established, client applications 150 typically use SQLstatements to communicate with the index server 110 which can be handledby a SQL processor 312 within the request processing and executioncontrol component 310. Analytical applications can use themultidimensional query language MDX (MultiDimensional eXpressions) viaan MDX processor 322. For graph data, applications can use GEM (GraphQuery and Manipulation) via a GEM processor 316, a graph query andmanipulation language. SQL statements and MDX queries can be sent overthe same connection with the client application 150 using the samenetwork communication protocol. GEM statements can be sent using abuilt-in SQL system procedure.

The index server 110 can include an authentication component 304 thatcan be invoked with a new connection with a client application 150 isestablished. Users can be authenticated either by the database system105 itself (login with user and password) or authentication can bedelegated to an external authentication provider. An authorizationmanager 306 can be invoked by other components of the database system150 to check whether the user has the required privileges to execute therequested operations.

Each statement can be processed in the context of a transaction. Newsessions can be implicitly assigned to a new transaction. The indexserver 110 can include a transaction manager 344 that coordinatestransactions, controls transactional isolation, and keeps track ofrunning and closed transactions. When a transaction is committed orrolled back, the transaction manager 344 can inform the involved enginesabout this event so they can execute necessary actions. The transactionmanager 344 can provide various types of concurrency control and it cancooperate with a persistence layer 346 to achieve atomic and durabletransactions.

Incoming SQL requests from the client applications 150 can be e receivedby the SQL processor 312. Data manipulation statements can be executedby the SQL processor 312 itself. Other types of requests can bedelegated to the respective components. Data definition statements canbe dispatched to a metadata manager 306, transaction control statementscan be forwarded to the transaction manager 344, planning commands canbe routed to a planning engine 318, and task related commands canforwarded to a task manager 324 (which can be part of a larger taskframework) Incoming MDX requests can be delegated to the MDX processor322. Procedure calls can be forwarded to the procedure processor 314,which further dispatches the calls, for example to a calculation engine326, the GEM processor 316, a repository 300, or a DDI proxy 328.

The index server 110 can also include a planning engine 318 that allowsplanning applications, for instance for financial planning, to executebasic planning operations in the database layer. One such basicoperation is to create a new version of a data set as a copy of anexisting one while applying filters and transformations. For example,planning data for a new year can be created as a copy of the data fromthe previous year. Another example for a planning operation is thedisaggregation operation that distributes target values from higher tolower aggregation levels based on a distribution function.

The SQL processor 312 can include an enterprise performance management(EPM) runtime component 320 that can form part of a larger platformproviding an infrastructure for developing and running enterpriseperformance management applications on the database system 105. Whilethe planning engine 318 can provide basic planning operations, the EPMplatform provides a foundation for complete planning applications, basedon by application-specific planning models managed in the databasesystem 105.

The calculation engine 326 can provide a common infrastructure thatimplements various features such as SQLScript, MDX, GEM, tasks, andplanning operations. The SQLScript processor 312, the MDX processor 322,the planning engine 318, the task manager 324, and the GEM processor 316can translate the different programming languages, query languages, andmodels into a common representation that is optimized and executed bythe calculation engine 326. The calculation engine 326 can implementthose features using temporary results 340 which can be based, in part,on data within the relational stores 332.

Metadata can be accessed via the metadata manager component 308.Metadata, in this context, can comprise a variety of objects, such asdefinitions of relational tables, columns, views, indexes andprocedures. Metadata of all these types can be stored in one commondatabase catalog for all stores. The database catalog can be stored intables in a row store 336 forming part of a group of relational stores332. Other aspects of the database system 105 including, for example,support and multi-version concurrency control can also be used formetadata management. In distributed systems, central metadata is sharedacross servers and the metadata manager 308 can coordinate or otherwisemanage such sharing.

The relational stores 332 form the different data management componentsof the index server 110 and these relational stores can, for example,store data in main memory. The row store 336, a column store 338, and afederation component 334 are all relational data stores which canprovide access to data organized in relational tables. The column store338 can stores relational tables column-wise (i.e., in a column-orientedfashion, etc.). The column store 338 can also comprise text search andanalysis capabilities, support for spatial data, and operators andstorage for graph-structured data. With regard to graph-structured data,from an application viewpoint, the column store 338 could be viewed as anon-relational and schema-flexible in-memory data store forgraph-structured data. However, technically such a graph store is not aseparate physical data store. Instead it is built using the column store338, which can have a dedicated graph API.

The row store 336 can stores relational tables row-wise. When a table iscreated, the creator can specify whether it should be row orcolumn-based. Tables can be migrated between the two storage formats.While certain SQL extensions are only available for one kind of table(such as the “merge” command for column tables), standard SQL can beused on all tables. The index server 110 also provides functionality tocombine both kinds of tables in one statement (join, sub query, union).

The federation component 334 can be viewed as a virtual relational datastore. The federation component 334 can provide access to remote data inexternal data source system(s) 354 through virtual tables, which can beused in SQL queries in a fashion similar to normal tables.

The database system 105 can include an integration of a non-relationaldata store 342 into the index server 110. For example, thenon-relational data store 342 can have data represented as networks ofC++ objects, which can be persisted to disk. The non-relational datastore 342 can be used, for example, for optimization and planning tasksthat operate on large networks of data objects, for example in supplychain management. Unlike the row store 336 and the column store 338, thenon-relational data store 342 does not use relational tables; rather,objects can be directly stored in containers provided by the persistencelayer 346. Fixed size entry containers can be used to store objects ofone class. Persisted objects can be loaded via their persisted objectIDs, which can also be used to persist references between objects. Inaddition, access via in-memory indexes is supported. In that case, theobjects need to contain search keys. The in-memory search index iscreated on first access. The non-relational data store 342 can beintegrated with the transaction manager 344 to extends transactionmanagement with sub-transactions, and to also provide a differentlocking protocol and implementation of multi version concurrencycontrol.

An extended store is another relational store that can be used orotherwise form part of the database system 105. The extended store can,for example, be a disk-based column store optimized for managing verybig tables, which ones do not want to keep in memory (as with therelational stores 332). The extended store can run in an extended storeserver 125 separate from the index server 110. The index server 110 canuse the federation component 334 to send SQL statements to the extendedstore server 125.

The persistence layer 346 is responsible for durability and atomicity oftransactions. The persistence layer 346 can ensure that the databasesystem 105 is restored to the most recent committed state after arestart and that transactions are either completely executed orcompletely undone. To achieve this goal in an efficient way, thepersistence layer 346 can use a combination of write-ahead logs, shadowpaging and savepoints. The persistence layer 346 can provide interfacesfor writing and reading persisted data and it can also contain a loggercomponent that manages a transaction log. Transaction log entries can bewritten in the persistence layer 352 (e.g., in transaction log volumes352) explicitly by using a log interface or implicitly when using thevirtual file abstraction. The transaction log volume 352 can includeredo logs which specify database operations to be replayed as well asundo logs which specify database operations to be undone.

The persistence layer 236 stores data in persistent disk storage 348which, in turn, can include data volumes 350 and/or transaction logvolumes 352 that can be organized in pages. Different page sizes can besupported, for example, between 4 k and 16M. Data can be loaded from thedisk storage 348 and stored to disk page wise. For read and writeaccess, pages can be loaded into a page buffer in memory. The pagebuffer need not have a minimum or maximum size, rather, all free memorynot used for other things can be used for the page buffer. If the memoryis needed elsewhere, least recently used pages can be removed from thecache. If a modified page is chosen to be removed, the page first needsto be persisted to disk storage 348. While the pages and the page bufferare managed by the persistence layer 346, the in-memory stores (i.e.,the relational stores 332) can access data within loaded pages.

In many applications, data systems may be required to support operationson a 24/7 schedule, and data system providers may be required toguarantee a maximum amount of downtime, that is time during which asystem is not able to fully support ongoing operations. When a system isrequired to ensure an agreed level of operational performance, it may bereferred to as a high availability system (“HA”). One solution toguarantee substantially continuous uptime with no, or very little,downtime is to maintain one or more hot-standby systems. A hot-standbysystem, or a backup system, is a system that may be activated quickly inthe event of a disruption causing one or more functions of a primaryoperational data system to fail. Such a disruption may be referred to asa disaster, and the process of restoring a data system to fulloperations may be referred to as disaster-recovery (“DR”).

A hot-standby system may be an exact replica of a primary operationalsystem that is capable of providing all the functions provided by theprimary operational system, or a hot-standby may be a system that iscapable of providing a minimum amount of essential functionality duringthe time required to restore the primary operational data system. Thetime it takes after a disaster to restore full, or minimum,functionality of a data system, for example by bringing a hot-standbyonline, is referred to as recovery time. In an effort to minimizerecovery time, and thereby downtime, a hot-standby system is typicallyin a state just short of fully operational. For example, a systemarchitecture may be implemented in which all functional systems of thehot-standby are active and operational, and all system and data changesor updates occur in the primary operational system and the hot-standbyat the exact same time. In such a case the only difference in the twosystems may be that the primary is configured to respond to userrequests and the secondary is not. In other hot-standby systems one ormore functions may be disabled until mission critical systems of thehot-standby are observed to be operating normally, at which time theremaining functions may be brought online.

In many applications, data systems may be required to provide promptresponses to users and applications that rely on the data managed by thedata system. Providers and designers of data systems may be required toguarantee a minimum average throughput over time, or an average maximumresponse time. The speed with which a data system responds to a requestfrom a user or an application may be dependent on many factors, but allsystems are limited in the number of requests they can handle in a givenperiod of time. When a data system manages a relatively large amount ofdata, and supports a relatively large number of users or applications,during high workloads a request may be queued, buffered or rejecteduntil sufficient system resources are available to complete the request.When this happens, average throughput goes down and average responsetime goes up. One solution to such a problem is to distribute theworkload across multiple processing systems. This is known as loadbalancing.

One drawback to load balancing and HA systems is that they may requireadditional processing systems, which in turn have a high cost. It isoften the case with certain data systems supporting critical functionsof an organization that additional systems are needed to perform bothload balancing and HA functionality to efficiently support continuousoperations. Given the redundant nature of DR systems, they are oftenleft undisturbed unless a disaster occurs. Thus, in some circumstances,it is desirable to implement and maintain a combination highavailability/disaster recovery (HA/DR) system with load balancing thatincludes both a primary operational system and a hot-standby system, andpotentially one or more tertiary systems. Such a combination systemallows for load balancing of workload between the processing systems ofboth the primary operational system and the hot-standby system, withoutdisrupting the ability of the HA/DR system to assume primaryfunctionality in the event of a disaster.

FIG. 4 is a functional flow diagram illustrating an architecture 400 tosupport load balancing between a primary database system, or primarysystem 405 a and a secondary database system, or secondary system 405 b,which serves as hot-standby to primary system 405 a. Each of the primarysystem 405 a and the secondary system 405 b may be a single instancesystem, similar to database system 105 depicted in FIG. 1, or each maybe a distributed variation of database system 105 as depicted in FIG. 2.Such an architecture 400 may be useful in a high availability datasystem, or in a disaster recovery system, or in a combination HA/DRsystem.

Each of the primary system 405 a and secondary system 405 b may includea load balancing functionality. Such load balancing functionality mayfor example be contained within a distinct load balancing server 470 aor 470 b. But, such load balancing functionality may be managed by anysuitable processing system. For example, the application server 120 ofthe primary system may also manage the load balancing of requests issuedto the application server of the primary system 405 a, sending requeststo the secondary system 405 b as necessary to maintain a welldistributed workload. The various load balancing processes operating inserver 470 a or 470 b may be components of a larger DBMS system formanaging the primary system 405 a and secondary system 405 b.

As depicted in FIG. 4, each of the primary system 405 a and thesecondary system 405 b includes a load balancing server 470 a and 470 bwhich respectively receive requests from user applications directed tothe primary system 405 a or the secondary system 405 b. Such request maycome from either admin tools 460 or web-based tools 450, or any otheruser application. Upon receiving a request a load balancing server, e.g.470 a, determines how to distribute the workload. As depicted loadbalancing server 470 a routes an SQL request 465 from admin tools 460 tothe index server 110 of the primary system 405 a, while routing an HTTPrequest 455 from web-based tools 450 to the application server 120 ofthe secondary system 405 b.

Load balancing of resources between a primary system 405 a and asecondary system 405 b can give rise to a number of complicating issues.For example, if either of the requests 455, 465 requires writing to oneor more data tables, or modifying a data table, then the two systems 405a, 405 b will diverge. After many instances of write requests beingdistributed between the primary system 405 a and the secondary system405 b, the two systems would be substantially different, and likelyunusable. In another example, an application request, e.g. 465, mayperform a write transaction that is followed by a read transaction, e.g.455, related to the data written by the write request 465. If the writerequest is allocated to the primary system 405 a, the read request wouldobtain a different result depending on whether the subsequent readtransaction is carried out by the primary system 405 a or by thesecondary system 405 b.

Load balancing in a HA/DR system, by distributing a portion of theworkload of a primary data system to a hot-standby or backup system mustbe done in a way that does not disturb the principal purpose of thebackup system, which is to substantially eliminate downtime in a highavailability system by enabling quick and efficient recovery ofoperations. In other words, as a rule load balancing cannot break thehot-standby. Given this principal purpose, any solution that enablesload balancing of workload between a primary system and a backup systemmust maintain the backup system in an identical, or nearly identical,state as the primary system. Such a solution should also avoid orprohibit any actions which may cause the state of the backup system tosubstantially diverge from the state of the primary system. In this way,in the event of a partial or total failure of the primary system due todisaster, the backup system can failover to a primary system mode withminimal or no impact to client applications.

FIG. 5 depicts one possible solution to managing load balancing in aHA/DR system 500. HA/DR system 500 includes a primary system 505 and asecondary system 510 and is capable of load balancing between primarysystem 505 and secondary system 510 without interfering with thehot-standby functionality of the secondary system 510. Each of primarysystem 505 and secondary system 510 may be single instance databasesystems similar to database system 105 depicted in FIG. 1, or adistributed variation of database system 105 as depicted in FIG. 2.Furthermore, each of primary system 505 and secondary system 510 maycomprise less, more or all the functionality ascribed to index server110, 300, name server 115, application server 120, extended store server125, DDI server 130, data provisioning server 135, and stream cluster140. But, for simplicity of illustration HA/DR system 500 has beensimplified to highlight certain functionality by merely distinguishingbetween processing control 555, 560 and a persistence layer 565, 570 ofeach respective system 505, 510. These various components may comprise aDBMS system for controlling the HA/DR system 500 and constitute variousprocesses and components executing within processing control 555, 560and the persistence layer 565, 570. The DBMS system therefore interactswith and maintains the database as it is held in main memory 535, 540and persisted in the persistence layer 565, 570.

A collection of clients may each maintain an open connection to both theprimary system 505 and the secondary system 525. Clients 515 mayinteract with a database managed by the primary system 505 or thesecondary system 510. Such clients may interact through clientapplications or through components of the DBMS system executing at theclient 515. In other cases, the clients may rely on a client applicationlibrary containing various processes and techniques for interacting withthe database systems. For example, a client 515 maintains a read/writeconnection for issuing read and write statements 520 to the primarysystem 505 and a read only connection for issuing read statements 525 tothe secondary system 510. Alternatively, client 515 may maintain aread/write connection with each of the primary system 505 and thesecondary system 510, while processes within the secondary system 510itself prohibit execution of any requests that require a writetransaction upon the secondary system while it is in backup mode. Inembodiments read/write statements 520 are issued to the primary databasesystem 505, while only read statements 525 are issued to the backup, orsecondary, database system 510.

In embodiments load balancing of the workload required by a clientapplication executing at client 515 is managed by the client 515application itself. Alternatively, a client 515 application may submit aquery request to either the primary system 505 or the secondary system510 with routing data indicating that the statement may be loadbalanced, or routed to the secondary database system 505, and includingone or more routing conditions. Process control 555, 560 load balancingprocesses executing on processor 545, 550 may then determine where thequery should be executed and replies to the client 515 with instructionsidentifying which system the client 515 should issue the query to. Thisdetermination may consider various conditions related, among otherthings, to the state of a primary database system 505 or a state of thesecondary databse system 510. For example, the determination mayconsider a delay between the current transactions executing in theprimary system and the secondary system caused by the time required toreplicate transactions of the primary system in the secondary system.

Primary system 505 may include an in-memory database in whichsubstantially all actively used data may be kept and maintained in mainmemory 535 so that operations can be executed without disk I/O, whichrequires accessing disk storage. As statements are execute the in-memorydatabase is updated by various database operations caused by thestatement. In embodiments, these database operations also generatetransaction logs which are shipped to the secondary system 510 forreplication 530 in the secondary database system 510. During replicationthe secondary database system 510 mirrors the primary database system505. In embodiments, applications that rely on the primary databasesystem 505 may allow for transactions to be executed in the replicatedor mirror database at the secondary database system 510. Theseapplications may impose conditions on when a requested transaction canbe routed to a secondary database 510. This routing may occur when theprimary database system 510 is engaged in load balancing of a workloadbetween the primary system 505 and the secondary system 510. Onepotential condition may be that the statement may only be routed to orexecuted in the secondary database system when a delay in time betweenthe current operations in the primary system 505 and the replication ofthe primary system in the secondary system 510 is below a threshold.

In embodiments, primary system 505 may be the primary operational systemfor providing the various functionality necessary to support 24/7operations for an organization. Secondary system 510 may be ahot-standby, ready to come online with minimal recovery time so as tominimize downtime. Secondary system 510 may be an identical physicalsystem as primary system 505, and may be configured in a substantiallyidentical manner in order to enable the secondary system 510 to provideall the same functionality as primary system 505. For example,processing control 560 may include all the same applications andfunctionality as processing control 555, and persistence layer 570 mayinclude data volumes 580 and log volumes 590 that are configured in anidentical manner as data volumes 575 and log volumes 585 respectively.Secondary system 510 may also include an in-memory database kept andmaintained primarily in main memory 540.

In embodiments, primary system 505 and secondary system 510 differ inthat all requests, from client 515 or otherwise, that require a writetransaction are executed only in primary system 505. Primary system 505and secondary system 510 further differ in that all write transactionsare prohibited by the secondary system 510. In order to propagatechanges to the data or the underlying schema from the primary system 505to the secondary system 510, processor 545 also replicates 530transaction logs directly to the process control 560 of the secondarysystem 510. Process control 560 includes processes that cause processor550 to then replay the transaction logs replicated from the primarysystem 505, thereby replicating or mirroring the transactions or data atthe secondary system 510. As transaction logs are replayed, the varioustransactions executed at the primary system become reflected in thesecondary system 510. In order to ensure both the HA functionality andthe load balancing functionality, replay of the transaction logs at thesecondary system places data in main memory 540, and also persists anydata committed in the primary system to persistence layer 570 to bestored by data volumes 580. Replay of the transaction logs at thesecondary system 510 may also results in transaction logs beingpersisted in log volumes 590.

Transaction logs (e.g., redo logs, undo logs, cleanup logs, commit logs,savepoint logs, heartbeat logs, etc.) may be replicated 530 in differentways. In embodiments, a standby system is maintained in nearly the samestate as the primary system, and logs may be replicated synchronouslymeaning that the primary system will not commit a transaction until thesecondary successfully responds to the log replication. Such anarrangement slows performance of the primary system 505, 405 a.Conversely, where performance of a primary system is a priority, logsmay be replicated asynchronously, in which case the primary operationproceeds with committing transactions without waiting for a response.Various tradeoffs can be made between these two scenarios to achieve aproper level of performance while ensuring replication of critical data.

A secondary system in standby mode, such as secondary system 510, canonly be as current as its most recently replayed transaction logs.Transaction logs are replicated and replayed at the secondary system 510only after a transaction executes in the primary system 505. Secondarysystem 510, therefore, is always slightly behind an associated primarysystem 515 except when there is no workload at the primary databasesystem during which time the replication processes may catch up to theprimary database system. Also, there is no guarantee that a query routedto the primary system in a load balancing effort will be executedbefore, during or after a particular transaction log is replayed. Thus,the state of the primary system 505 and the state of the secondarysystem 510 will rarely if ever be identical. But, by addressing certainconcerns, a replicated system, or secondary system, 510 may be kept in astate substantially close to the state of the primary system 505 suchthat the workload required by many operations can be supported by thesecondary 510.

As discussed above, when a secondary, or backup, database system 405 b,510 serves the purpose of HA/DR functionality, and a load balancingoperation simultaneously utilizes the secondary, backup, database system405 b, 510 to increase throughput of a workload on a primary databasesystem, the load balancing operations may give rise to a delay betweenthe primary database system 405 a, 505 and the secondary database system405 b, 510. The use of the backup database system 405 b, 510 by loadbalancing operations to increase throughput ideally maintains the backupdatabase in nearly the same state as the primary database. But, when thereplication processes are asynchronous, they may cause a delay betweenwhen particular transactions are executed and committed, and thusvisible, in a primary database system 405 a, 505 and when thosetransactions are replicated, and thus visible, in the secondary databasesystem 405 b, 510.

When a delay develops between the primary system and the secondarysystem, a query executed in the primary system, e.g. 505, may obtaindifferent results from the exact same query executing in the secondarysystem, e.g. 510, as the exact same time. In such a case, the visibilityof the data within each database is different by virtue of thereplication process. What is visible to queries, or statements, executedin the primary database at t[n] may only be available in an associateddatabase at a later time t[n−d] where d is the delay. In embodiments,the visibility of data (i.e. what a query may return by virtue of whathas been committed to the particular database) is referred to as asnapshot. When a query, or statement, is received, that query ispresented a snapshot of the database at the time the query is received,and the basis for the return to the query is the snapshot. In manycases, a delay between a snapshot in the primary database 505 and thesame snapshot in the secondary database 510 may be acceptable so long asthe results are consistent and the delay is within an allowable lengthof time as determined by the application or system designer.

In general, a delay between snapshots may be calculated as TS2−TS1,where TS1 is a time when a committed change becomes visible in theprimary system (e.g. when a change becomes visible to a snapshot) andTS2 is a time when the same committed change becomes visible in thereplicated database (e.g. the secondary database, or the backupdatabase). But, it is preferable to calculate and manage a delay whileminimizing the overhead in a workload. Thus, in the replicated databasesystem, e.g. 510, a delay should be calculated without reference to theprimary database system. When an application desires to know the delay,it may issue a request to the secondary system 510, which then generatesthe delay based on information available at the secondary system 510.Also, when a statement is issued to the secondary database system 510,and the statement requests database operations of the secondary databasesystem 510 so long as a maximum delay is not exceeded, the secondarydatabase system 510 is able to determine the delay without reference tothe primary database system 505.

In embodiments, instead of relying on TS1 and TS2, calculating the delayrelies on alternate, approximated, timesstamps associated with TS1 andTS2. Instead of time TS1, the time a transaction becomes visible in theprimary database system 505 may be approximated instead by a timestampA_TS1 associated with when a commit operation is written to atransaction log. Or TS1 may be sufficiently approximated by A_TS1, atimestamp generated when the commit log itself is written into areplication send buffer of the primary database system 505 causing thetransaction log containing the commit log to be sent to the secondarydatabase system 510 as part of the mirroring or replication 530processes. Similarly, instead of TS2, the time a committed changebecomes visible in the secondary, backup, or replicated database 510 maybe approximated by A_TS2, a timestamp when the commit operation isreplicated or replayed in order to become visible in the secondarydatabase. These approximations may be acceptable because in manyapplications one second may be an acceptable minimum unit of time delay.The difference between TS1 and A_TS1 will be nearly identical, anddiffering on the nanosecond, microsecond, or milisecond scale. Based onsystem design and preferences, any timestamp sufficiently close to whenthe data becomes visible in the snapshot of the particular database willsuffice, and can be chosen during design time based on process executionflows within each database system.

In embodiments, certain exceptions must be dealt with when determining adelay between a database system, e.g. 505, and its replicated backupsystem, e.g. 510. For example, in a first case a primary system 505 maycommit transactions during a period of time while the secondary system510 is not receiving replication logs, for example if there are issueswith the network between the two systems interrupting log replication530. Another case arises when the databases are fully synced, but theprimary system 505 does not send replication logs, because the primarysystem 505 has not committed any new changes to be replicated. In thefirst case, the delay is real, and the client application or end usershould be aware of the delay in order to take appropriate action. In thesecond case, however, the delay arises because, e.g. TS2 or A_TS2, isbased on the last time a commit log was replayed in by the secondarydatabase 510. In this case, the delay is not real, but instead is aresult of how the delay is calculated. Relying on the general formulaTS2−TS1 or A_TS2−A_TS1 will handle the second case (e.g. show anaccurate delay based on the delay calculated the last time a log wasreplicated), but the case where network problems preclude, or delay,replication of the transaction logs will not be detected and the delaywill grow without explanation.

In embodiments, a system heartbeat-like approach is implemented, basedon the sending and receiving of transaction logs, and without the needfor a separate heart-beating protocol between the source, or primary,database system 405 a, 505 and the replica, or secondary, or backup,system 405 b, 510. In embodiments, when a commit transaction isexecuted, a transaction log reflecting this is generated including acommit timestamp, and other associated timestamps, and then thetransaction log is queued in a send buffer to be sent 530 to thesecondary database 510 for replication. Thus, by leveraging this processof generating, sending, and replicating transactions based ontransaction logs, a heartbeat like operation can be implemented withouta distinct heartbeat protocol separate from the transaction log replayprocesses.

This heartbeat operation may be managed by the DBMS of the primary orsecondary database system. For example, the primary system may keeptrack of the time after a commit operation is executed in the primarysystem. For example, the primary system may set a timer when atransaction is committed, and subsequently reset the time every time atransaction is committed. Or, the primary system may keep track of howlong a transaction log send buffer remains empty. Or, the primary systemcan determine a period of time has elapsed since a last update by anysuitable means. In any case, the primary system 505 may determine that asufficient period of time has elapsed since the last update, commit, orsend operation associated with database replication has occurred, andthen generate and send a heartbeat log to the secondary database system510. This heartbeat log may be a dummy commit log, or a false committransaction, or it may not contain any transaction data at all, andsimply include one or more timestamps associated with the heartbeat log.

When this heartbeat log, or dummy commit log, or false committransaction is received by the secondary system 510, or when it isreplayed as part of the replication processes 530, the delay is updatedin the secondary system based on a timestamp associated with theheartbeat log. This timestamp associated with the heartbeat log may bereferred to as a heartbeat timestamp. The update timestamp associatedwith the heartbeat log may be a dummy commit timestamp, or a sendtimestamp associated with the sending, or a buffer write timestampassociated with the writing of the heartbeat log to the send buffer. Anytimestamp sufficiently close to the commit operation will suffice andmay be selected based on system design. In other cases, the DBMSprocesses in process control 545 and 550 will be preconfigured with aselected timestamp. The DBMS may also have a configurable timestampallowing a system administrator to select which timestamp to rely on forcalculating snapshot delay.

In embodiments, when a query or statement is received for execution at asecondary database system 405 b, 510, the snapshot delay may becalculated by processes within process control 560 executing onprocessor 550, according to the following rules. First, a definedheartbeat period is established. Then, if the current system time(“CTS”) less TS2, or A_TS2, is less than a defined heart-beating period,the snapshot delay is TS2−TS1, or A_TS2−A_TS1. But, if the CTS less TS2,or A_TS2, is greater than the heart-beating period, then the snapshotdelay is equal to the CTS−TS1, or A_TS1, where TS1 and A_TS1 is atimestamp associated with a heartbeat log. Thus, if the time between alast commit replicated, or received, by the secondary database system510 occurred within the previous defined heartbeat period, then thesnapshot delay is equal to (TS2∥A_TS2)−(TS1∥A_TS1). But if the lastcommit replicated or received by the secondary database system 510occurred further in the past than the defined heartbeat period, thedelay is equal to CTS−(TS1∥A_TS1). In each situation TS1 and TS2 arerespectively the time a commit becomes visible in the primary, and thetime the commit becomes visible in the secondary. And, in each situationA_TS1 and A_TS2 are timestamps associated with acceptable approximationsof TS1 and TS2 as selected by the system designer (e.g. A_TS1 may be thetime the transaction log was written to a send buffer, and A_TS2 may bethe time the transaction log was replayed).

This snapshot delay may be relied upon when determining whether asecondary database system 510 is sufficiently close in time to anassociated primary database 505 that it may provide support for routedstatements in a load balancing operation of an HA/DR system 500. Forexample, when a statement is received at the secondary database system510, the snapshot delay can be evaluated against a predetermined maximumdelay parameter, and if the snapshot delay exceeds the maximum delayidentified by the maximum delay parameter, the secondary database systemcan initiate a fallback procedure. For example, the secondary databasesystem 510 may mark the statement as unexecuted and return it to theissuing client or client application. The returned unexecuted statementmay include information indicative of the delay. If the statement wasrouted to the secondary database system 510 by the primary databasesystem 505, the secondary database system may reply to the primarydatabase system with information indicative of the delay and that thestatement was not executed in the secondary database system 510.

A client 515 application, or the load balancing operations of HA/DRsystem 500, may also from time to time poll the snapshot delay of thesecondary database system during load balancing operations to determinewhether to route a statement to the secondary database system forexecution. A client 515 application, or the load balancing operations ofsystem 500, may also address fallback procedures in a way that istailored to the application, as determined by an application or systemdesigner. For example, the client application 515 may issue the fallbackstatement to the primary system 505 for execution. This may be the casewhere the application seeks to minimize the time waiting to receive aresponse to the statement. Alternatively, the client application 515 maywait a predetermined amount of time and reissue the statement to thesecondary database system to reattempt execution there. This may be thecase where non-critical queries are always routed to a secondary system510 based on policies of system 500 in order to free primary databasesystem 505 resources for critical tasks. Alternatively, where the loadbalancing processes dictate where statements are executed the clientapplication 515 may inform the load balancing processes, e.g. in processcontrol 555, or of load balancing server 470 a or 470 b, of the delayand allow the load balancing processes to determine how to addresssecondary database 510 snapshot delay.

FIGS. 6a and 6b illustrate two potential ways a snapshot delay arisesbetween a primary database system 610 a, 610 b and a secondary databasesystem 620 a, 620 b. A primary database system 610 a, 610 b and asecondary database system 620 a, 620 b are engaged in transaction logreplication 530 to enable a secondary database system 620 a, 620 b tomirror the primary database system 610 a, 610 b. In the first possiblescenario, a transaction comprising database operations requested by astatement causes an update to the primary database 610 a. The primarydatabase 610 a is part of an HA/DR system, such as HA/DR system 500. Ithas an associated secondary database 620 a. Once the update iscommitted, the primary database system 610 a writes the commit log tothe global log send buffer 630 a and the log is replicated 530 to thesecondary database system. Thereafter, the primary database system 610 awrites the commit log to disk 640 a and then at TS1, the committedchange becomes visible to statements received at the primary databasesystem. After the transaction logs are replicated 530 to the secondarydatabase system they may be stored to a persistent disk 660 a, beforethey are replayed 670 a and then become visible 680 a at TS2, later thanTS1 giving rise to the delay.

Similarly, in the second potential scenario, a transaction comprisingdatabase operations requested by a statement causes an update to theprimary database 610 b. The primary database 610 b is part of an HA/DRsystem, such as HA/DR system 500. It has an associated secondarydatabase 620 b. Once the update is committed, the primary databasesystem 610 b writes the commit log to a persistent disk 640 b, forexample in the persistence layer 565. Subsequently, the committedchanges become visible 650 b in the primary database system 610 b tosubsequent statements at TS1. Then the commit log is written to areplication log send buffer 660 b (which in embodiments is an example ofone potential approximated TS1 or A_TS1), and the log is replicated 530to the secondary database system. After the transaction logs arereplicated 530 to the secondary database system 610 b they may bereplayed 670 b and then become visible 680 b at TS2, later than TS1giving rise to the delay. In addition to illustrated operations in FIGS.6a and 6b , delay between TS1 and TS2 can arise for numerous reasons,and note that any network delay will increase the amount of time delaycaused by the log replication 530 processes.

FIG. 7 is a process flow diagram illustrating an arrangement in which,at 710 transactions of a first database system are replicated in asecond database system. Thereafter, at 720, a snapshot delay indicatinga delay between transactions executing in the first database systembecoming visible in the second database system, the snapshot delay isbased on the replication of a commit transaction in the second databaseassociated with a commit transaction executed in the first database.Further, at 730, it is determined that a predefined period of time haselapsed since replicating the commit transaction in the second database.Then, at 740, a second snapshot delay is generated based on a currentsystem time and a time associated with the heartbeat log received fromthe first database. A statement requesting transactions in the secondarydatabase can then be selectively executed or denied, at 750, based onthe generated second snapshot delay.

FIG. 8 is a process flow diagram illustrating an arrangement in which,at 810, transaction logs of a first database system are sent to a seconddatabase system in order that the first database system can bereplicated in the second database system based on the transaction logs.Thereafter, at 820, a transaction log is generated containing atimestamp associated with a commit transaction in the first databasesystem. Subsequently, it is determined that a predefined period of timehas elapsed, at 830, without the first database system committing anytransactions. Then, responsive to the determination, a heartbeattransaction log having an associated timestamp is generated at 840. Thisis then sent to the secondary database system at 850.

FIG. 9 is a process flow diagram illustrating an arrangement in which,at 910, a first database system is replicated in a second databasesystem during ongoing database operations responsive to clientstatements. At 920, a determination is made that a predefined period oftime has elapsed 930 or has not elapsed 950. If the period of time hasnot elapsed, a snapshot delay is generated, at 940, based on adifference between A_TS2, an approximation of TS2 as discussed above,and A_TS1, an approximation of TS1 as discussed above. If the period oftime has elapsed, a snapshot delay is generated, at 950, based on adifference between a current system time of the secondary databasesystem (current_system_time) and A_TS1, an approximation of TS1 asdiscussed above.

One or more aspects or features of the subject matter described hereincan be realized in digital electronic circuitry, integrated circuitry,specially designed application specific integrated circuits (ASICs),field programmable gate arrays (FPGAs) computer hardware, firmware,software, and/or combinations thereof. These various aspects or featurescan include implementation in one or more computer programs that areexecutable and/or interpretable on a programmable system including atleast one programmable processor, which can be special or generalpurpose, coupled to receive data and instructions from, and to transmitdata and instructions to, a storage system, at least one input device,and at least one output device. The programmable system or computingsystem may include clients and servers. A client and server aregenerally remote from each other and typically interact through acommunication network. The relationship of client and server arises byvirtue of computer programs running on the respective computers andhaving a client-server relationship to each other.

These computer programs, which can also be referred to as programs,software, software applications, applications, components, or code,include machine instructions for a programmable processor, and can beimplemented in a high-level procedural language, an object-orientedprogramming language, a functional programming language, a logicalprogramming language, and/or in assembly/machine language. As usedherein, the term “machine-readable medium” refers to any computerprogram product, apparatus and/or device, such as for example magneticdiscs, optical disks, memory, and Programmable Logic Devices (PLDs),used to provide machine instructions and/or data to a programmableprocessor, including a machine-readable medium that receives machineinstructions as a machine-readable signal. The term “machine-readablesignal” refers to any signal used to provide machine instructions and/ordata to a programmable processor. The machine-readable medium can storesuch machine instructions non-transitorily, such as for example as woulda non-transient solid-state memory or a magnetic hard drive or anyequivalent storage medium. The machine-readable medium can alternativelyor additionally store such machine instructions in a transient manner,such as for example as would a processor cache or other random accessmemory associated with one or more physical processor cores.

To provide for interaction with a user, the subject matter describedherein may be implemented on a computer having a display device (e.g., aCRT (cathode ray tube) or LCD (liquid crystal display) monitor) fordisplaying information to the user and a keyboard and a pointing device(e.g., a mouse or a trackball) and/or a touch screen by which the usermay provide input to the computer. Other kinds of devices may be used toprovide for interaction with a user as well; for example, feedbackprovided to the user may be any form of sensory feedback (e.g., visualfeedback, auditory feedback, or tactile feedback); and input from theuser may be received in any form, including acoustic, speech, or tactileinput.

In the descriptions above and in the claims, phrases such as “at leastone of” or “one or more of” may occur followed by a conjunctive list ofelements or features. The term “and/or” may also occur in a list of twoor more elements or features. Unless otherwise implicitly or explicitlycontradicted by the context in which it is used, such a phrase isintended to mean any of the listed elements or features individually orany of the recited elements or features in combination with any of theother recited elements or features. For example, the phrases “at leastone of A and B;” “one or more of A and B;” and “A and/or B” are eachintended to mean “A alone, B alone, or A and B together.” A similarinterpretation is also intended for lists including three or more items.For example, the phrases “at least one of A, B, and C;” “one or more ofA, B, and C;” and “A, B, and/or C” are each intended to mean “A alone, Balone, C alone, A and B together, A and C together, B and C together, orA and B and C together.” In addition, use of the term “based on,” aboveand in the claims is intended to mean, “based at least in part on,” suchthat an unrecited feature or element is also permissible.

The subject matter described herein can be embodied in systems,apparatus, methods, and/or articles depending on the desiredconfiguration. The implementations set forth in the foregoingdescription do not represent all implementations consistent with thesubject matter described herein. Instead, they are merely some examplesconsistent with aspects related to the described subject matter.Although a few variations have been described in detail above, othermodifications or additions are possible. In particular, further featuresand/or variations can be provided in addition to those set forth herein.For example, the implementations described above can be directed tovarious combinations and subcombinations of the disclosed featuresand/or combinations and subcombinations of several further featuresdisclosed above. In addition, the logic flows depicted in theaccompanying figures and/or described herein do not necessarily requirethe particular order shown, or sequential order, to achieve desirableresults. Other implementations may be within the scope of the followingclaims.

What is claimed is:
 1. A method for implementation by one or morecomputer processors forming part of at least one computing device, themethod comprising: replicating, by at least one computer processor,transactions of a first database system in a second database systemincluding a commit transaction associated with a statement received bythe first database system; determining, by at least one computerprocessor, a delay between the first database system and the seconddatabase system based on a first timestamp associated with the committransaction and a second timestamp associated with the committransaction becoming visible in the secondary database; determining, byat least one computer processor, that a predefined period of time haselapsed since replicating the commit transaction; receiving, by at leastone computer processor, a heartbeat log generated by the first databasesystem when a period of time elapses without the first database systemperforming a second commit database operation; determining, by at leastone computer processor, a second delay based on a second database systemtime and a third timestamp associated with the heartbeat log; andselectively determining, by at least one computer processor, to executeor to deny a statement received by the secondary database system basedon the second delay.
 2. The method for implementation by one or morecomputer processors of claim 1 further comprising generating, by atleast one computer processor, a return associated with the statement,the return including all records of the second database system relevantto the statement and having a commit timestamp less than or equal to acommit timestamp associated with the commit transaction.
 3. The methodfor implementation by one or more computer processors of claim 1 furthercomprising: receiving, by at least one computer processor, a secondclient statement requesting a second read operation; and determining, byat least one computer processor, to deny the second client statementbased on a third delay generated based on a current second databasesystem time and the heartbeat log.
 4. The method for implementation byone or more computer processors of claim 3 further comprising,responsive to the determination: routing, by at least one computerprocessor, the second client statement to the first database system. 5.The method for implementation by one or more computer processors ofclaim 3, wherein the determination is in response to routing dataassociated with the second client statement indicating that the secondclient statement may be executed in either the first database system orthe second database system.
 6. The method for implementation by one ormore computer processors of claim 1 further comprising: receiving, by atleast one computer processor, a second client statement includingrouting data and requesting a read operation, the routing dataindicating that the statement may be routed to either the first databasesystem or a second database system so long as a maximum snapshot delayis not exceeded by the second database system; determining, by at leastone computer processor, that the second client statement may be executedin the second database system based on either the delay or the seconddelay; and routing, by at least one computer processor, the statement toa client application with information indicating that the statement maybe routed to the second database system to be executed.
 7. The methodfor implementation by one or more computer processors of claim 1,further comprising executing the statement and generating a returnassociated with the statement, wherein the generated return includes thesecond delay, the method further comprising: receiving, by at least onecomputer processor, the return including the second delay; anddiscarding, by at least one computer processor, the return based on thesecond delay.
 8. The method for implementation by one or more computerprocessors of claim 1 further comprising: requesting, by at least onecomputer processor, the delay from the second database system; andsending, by at least one computer processor, a third statement to eitherthe first database system or the second database system based the delay.9. A method for implementation by one or more computer processorsforming part of at least one computing device, the method comprising:replicating, by at least one computer processor, a first database in asecond database while the first database is subject to ongoing databaseoperations responsive to client application statements; generating, byat least one computer processor, a snapshot delay value indicative of adelay in time between a database operation becoming visible to theclient application statements in the first database and a replicateddatabase operation becoming visible in the second database, thereplicated database operation associated with the database operation,wherein generating a snapshot delay comprises: after the replicateddatabase operation becomes visible in the secondary database, and beforea period of time elapses, generating the snapshot delay by calculating adifference between a first timestamp associated with the replicateddatabase transaction becoming visible in the second database and asecond timestamp associated with the database operation becoming visiblein the primary database; or after the period of time elapses, generatingthe snapshot delay by calculating the difference between a currentsystem time of the secondary database and the second timestamp.
 10. Themethod of claim 9, further comprising generating, by at least onecomputer processor, a return associated with the statement, the returnincluding all records of the second database relevant to the statementand having a commit timestamp less than or equal to a commit timestampassociated with the commit transaction.
 11. The method of claim 9,further comprising: receiving, by at least one computer processor, asecond client statement requesting a second read operation; anddetermining, by at least one computer processor, to deny the secondclient statement based on a third delay generated based on a currentsecond database system time and a heartbeat log.
 12. The method claim11, further comprising, responsive to the determination: routing, by atleast one computer processor, the second client statement to the firstdatabase system.
 13. The method of claim 11, wherein the determinationis in response to routing data associated with the second clientstatement indicating that the second client statement may be executed ineither the first database system or the second database system.
 14. Themethod of claim 9, further comprising: receiving, by at least onecomputer processor, a second client statement including routing data andrequesting a read operation, the routing data indicating that thestatement may be routed to either the first database system or a seconddatabase system so long as a maximum snapshot delay is not exceeded bythe second database system; determining, by at least one computerprocessor, that the second client statement may be executed in thesecond database system based on either the delay or the second delay;and routing, by at least one computer processor, the statement to aclient application with information indicating that the statement may berouted to the second database system to be executed.
 15. The method ofclaim 9, further comprising executing the statement and generating areturn associated with the statement, wherein the generated returnincludes the second delay, the method further comprising: receiving, byat least one computer processor, the return including the second delay;and discarding, by at least one computer processor, the return based onthe second delay.
 16. The method of claim 9, further comprising:requesting, by at least one computer processor, the delay from thesecond database system; and sending, by at least one computer processor,a third statement to either the first database system or the seconddatabase system based the delay.
 17. A non-transitory computer programproduct storing instructions which, when executed by at least one dataprocessor forming part of at least one computing device, implementoperations comprising: replicating, by at least one computer processor,transactions of a first database system in a second database systemincluding a commit transaction associated with a statement received bythe first database system; determining, by at least one computerprocessor, a delay between the first database system and the seconddatabase system based on a first timestamp associated with the committransaction and a second timestamp associated with the committransaction becoming visible in the secondary database; determining, byat least one computer processor, that a predefined period of time haselapsed since replicating the commit transaction; receiving, by at leastone computer processor, a heartbeat log generated by the first databasesystem when a period of time elapses without the first database systemperforming a second commit database operation; determining, by at leastone computer processor, a second delay based on a second database systemtime and a third timestamp associated with the heartbeat log; andselectively determining, by at least one computer processor, to executeor to deny a statement received by the secondary database system basedon the second delay.
 18. The non-transitory computer program product ofclaim 17, wherein the operations further comprise generating, by atleast one computer processor, a return associated with the statement,the return including all records of the second database system relevantto the statement and having a commit timestamp less than or equal to acommit timestamp associated with the commit transaction.
 19. Thenon-transitory computer program product of claim 17, wherein theoperations further comprise: receiving, by at least one computerprocessor, a second client statement requesting a second read operation;and determining, by at least one computer processor, to deny the secondclient statement based on a third delay generated based on a currentsecond database system time and the heartbeat log.
 20. Thenon-transitory computer program product of claim 17, wherein theoperations further comprise, responsive to the determination: routing,by at least one computer processor, the second client statement to thefirst database system, wherein the determination is in response torouting data associated with the second client statement indicating thatthe second client statement may be executed in either the first databasesystem or the second database system.